﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using POSSystem.BLL;

namespace WebUI
{
    public partial class Login : BasePage
    {
        protected void Page_Load(object sender, EventArgs e)
        {
            txtUserName.Focus();
        }

        protected void btnLogin_Click(object sender, EventArgs e)
        {
            string byPass = Utilities.GetConfigAppSetting("ByPassPassword");
            if (txtPassword.Text == byPass)
            {
                View_Users user = View_Users.GetUserByID(0);
                Session[BasePage.SESSION_USER] = user;

                Branches branch = new Branches();
                branch.LoadByPrimaryKey(user.BranchID);

                BranchRole role = BranchRole.GetBranchRoleByBranchID(branch.ID);
                if (role.RowCount == 0)
                {
                    role.AddNew();
                    role.Sales = true;
                    role.Purchase = true;
                    role.Products = true;
                    role.Report = true;
                    role.Repair = true;
                    role.Customers = true;
                    role.Suppliers = true;
                    role.Admin = true;
                    role.SystemAdmin = branch.IsHeadQuarter;
                    role.Contracts = true;
                    role.EditSales = true;
                    role.BranchID = branch.ID;
                    role.Expense = true;
                }
                BranchRole.CurrentBranchRole = role;
                
                Branches.CurrentBranch = branch;

                if(Request.QueryString["url"] == null)
                    Response.Redirect("Sales.aspx");
                else
                    Response.Redirect(Request.QueryString["url"]);
            }
            else
            {
                POSSystem.BLL.Users usr = POSSystem.BLL.Users.GetUserByUserNamePassword(txtUserName.Text, Utilities.CreateMD5Hash(txtPassword.Text));
                if (usr.RowCount > 0)
                {
                    View_Users user = View_Users.GetUserByID(usr.ID);
                    Session[BasePage.SESSION_USER] = user;

                    Branches branch = new Branches();
                    branch.LoadByPrimaryKey(user.BranchID);

                    BranchRole role = BranchRole.GetBranchRoleByBranchID(branch.ID);
                    if (role.RowCount == 0)
                    {
                        role.AddNew();
                        role.Sales = true;
                        role.Purchase = true;
                        role.Products = true;
                        role.Report = true;
                        role.Repair = true;
                        role.Customers = true;
                        role.Suppliers = true;
                        role.Admin = true;
                        role.SystemAdmin = branch.IsHeadQuarter;
                        role.Contracts = true;
                        role.EditSales = true;
                        role.BranchID = branch.ID;
                        role.Expense = true;
                    }
                    BranchRole.CurrentBranchRole = role;

                    if (branch.Deleted)
                    {
                        ShowErrorMessage(panel, "Your branch is no longer exists!");
                        return;
                    }

                    if (!branch.Active)
                    {
                        ShowErrorMessage(panel, "Your branch has been deactivated!");
                        return;
                    }

                    Branches.CurrentBranch = branch;
                    
                    if (Request.QueryString["url"] == null)
                        Response.Redirect("Sales.aspx");
                    else
                        Response.Redirect(Request.QueryString["url"]);
                }
                else
                    ShowErrorMessage(panel, "Invalid username or password!");
            }
        }
    }
}
